TSG-13777: 支持同步流状态及命中策略ID
This commit is contained in:
刘学利
@@ -4,7 +4,7 @@
|
||||
"group2group_table": "GROUP_GROUP_RELATION",
|
||||
"rules": [
|
||||
{
|
||||
"compile_id": 2,
|
||||
"compile_id": 1,
|
||||
"service": 0,
|
||||
"action": 1,
|
||||
"do_blacklist": 0,
|
||||
@@ -36,6 +36,40 @@
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"compile_id": 2,
|
||||
"service": 0,
|
||||
"action": 16,
|
||||
"do_blacklist": 0,
|
||||
"do_log": 1,
|
||||
"effective_rage": 0,
|
||||
"user_region": "{\"method\":\"rate_limit\",\"bps\":1024,\"packet_capture\":{\"enable\":1,\"capture_depth\":2000}}",
|
||||
"is_valid": "yes",
|
||||
"groups": [
|
||||
{
|
||||
"group_name": "OBJ_DST_IP_ADDR",
|
||||
"virtual_table": "TSG_SECURITY_SOURCE_ADDR",
|
||||
"not_flag": 0,
|
||||
"regions": [
|
||||
{
|
||||
"table_type": "ip_plus",
|
||||
"table_name": "TSG_OBJ_IP_ADDR",
|
||||
"table_content": {
|
||||
"addr_type": "ipv4",
|
||||
"saddr_format": "range",
|
||||
"src_ip1": "0.0.0.0",
|
||||
"src_ip2": "255.255.255.255",
|
||||
"sport_format": "range",
|
||||
"src_port1": "0",
|
||||
"src_port2": "0",
|
||||
"protocol": 0,
|
||||
"direction": "double"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"plugin_table": [
|
||||
|
||||
@@ -25,7 +25,11 @@ set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp
|
||||
${PROJECT_SOURCE_DIR}/src/tsg_icmp.cpp
|
||||
${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp
|
||||
${PROJECT_SOURCE_DIR}/src/tsg_bridge.cpp
|
||||
${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp
|
||||
)
|
||||
|
||||
add_executable(gtest_master ${TSG_MASTER_SRC} gtest_kafka.cpp gtest_common.cpp gtest_master.cpp)
|
||||
target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe MESA_htable)
|
||||
|
||||
add_executable(gtest_sync_session_state ${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp gtest_common.cpp gtest_session_state.cpp)
|
||||
target_link_libraries(gtest_sync_session_state gtest-static cjson ctemplate-static)
|
||||
|
||||
@@ -3,6 +3,12 @@
|
||||
|
||||
const char *gtest_addrlist="127.0.0.1.37690>127.0.0.1.443";
|
||||
|
||||
struct gtest_ctrl_pkt
|
||||
{
|
||||
char buf[1024];
|
||||
int len;
|
||||
}ctrl_pkt;
|
||||
|
||||
void dictator_free(int thread_seq, void * pbuf)
|
||||
{
|
||||
free(pbuf);
|
||||
@@ -34,6 +40,20 @@ int sapp_inject_pkt(struct streaminfo * stream, enum sapp_inject_opt sio, const
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sapp_inject_ctrl_pkt(struct streaminfo * stream, enum sapp_inject_opt sio, const void * payload, int payload_len, unsigned char snd_routedir)
|
||||
{
|
||||
memset(&ctrl_pkt, 0, 1024);
|
||||
memcpy(ctrl_pkt.buf, payload, payload_len);
|
||||
ctrl_pkt.len = payload_len;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int get_ctrl_pkt(char *buf, int len)
|
||||
{
|
||||
memcpy(buf, ctrl_pkt.buf, MIN(len, ctrl_pkt.len));
|
||||
return MIN(len, ctrl_pkt.len);
|
||||
}
|
||||
|
||||
unsigned char MESA_dir_reverse(unsigned char raw_route_dir)
|
||||
{
|
||||
|
||||
@@ -344,98 +344,125 @@ TEST(TSGMaster, SecurityDuplicatePolicyMultipleNotify)
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id));
|
||||
}
|
||||
|
||||
extern void set_security_result_to_project(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, int p_result_num, PULL_RESULT_TYPE result_type, int thread_seq);
|
||||
extern void set_s_chaining_result_to_bridge(const struct streaminfo * a_stream, struct Maat_rule_t * p_result, int p_result_num, int thread_seq);
|
||||
|
||||
TEST(TSGMaster, SecurityPolicyIntercept)
|
||||
TEST(TSGMaster, ServiceChainingPolicyNotify)
|
||||
{
|
||||
const struct streaminfo a_stream={0};
|
||||
struct Maat_rule_t security_result[MAX_RESULT_NUM]={0};
|
||||
struct identify_info identify_info;
|
||||
|
||||
security_result[1].action=TSG_ACTION_INTERCEPT;
|
||||
security_result[1].config_id=TSG_ACTION_INTERCEPT;
|
||||
|
||||
// Set Intercept
|
||||
set_security_result_to_project((struct streaminfo *)&a_stream, &security_result[1], 1, PULL_KNI_RESULT, 0);
|
||||
|
||||
int ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_FW_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(0, ret);
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_KNI_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].config_id);
|
||||
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0};
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_ALL_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].config_id);
|
||||
for(int i=0; i<MAX_RESULT_NUM/2; i++)
|
||||
{
|
||||
s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
|
||||
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i;
|
||||
}
|
||||
|
||||
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
|
||||
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id);
|
||||
EXPECT_NE(nullptr, hited_s_chaining);
|
||||
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid);
|
||||
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num);
|
||||
for(int i=0; i<hited_s_chaining->result_num; i++)
|
||||
{
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action);
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id);
|
||||
}
|
||||
|
||||
struct policy_priority_label *priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id);
|
||||
EXPECT_NE(nullptr, priority_label);
|
||||
EXPECT_EQ(1, priority_label->security_result_num);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, priority_label->security_result[0].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, priority_label->security_result[0].config_id);
|
||||
|
||||
free_policy_label(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, (void *)priority_label);
|
||||
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, NULL);
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id));
|
||||
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining);
|
||||
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL);
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id));
|
||||
}
|
||||
|
||||
|
||||
TEST(TSGMaster, SecurityMultiplePolicyMonitorToIntercept)
|
||||
TEST(TSGMaster, ServiceChainingDuplicatePolicyMultipleNotify)
|
||||
{
|
||||
const struct streaminfo a_stream={0};
|
||||
struct Maat_rule_t security_result[MAX_RESULT_NUM]={0};
|
||||
struct identify_info identify_info;
|
||||
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0};
|
||||
|
||||
security_result[0].action=TSG_ACTION_MONITOR;
|
||||
security_result[0].config_id=TSG_ACTION_MONITOR;
|
||||
|
||||
security_result[1].action=TSG_ACTION_INTERCEPT;
|
||||
security_result[1].config_id=TSG_ACTION_INTERCEPT;
|
||||
|
||||
// First Monitor, second Intercpt
|
||||
tsg_notify_hited_security_result(&a_stream, &security_result[0], 1, 0);
|
||||
|
||||
int ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_KNI_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(0, ret);
|
||||
// first
|
||||
for(int i=0; i<MAX_RESULT_NUM/2; i++)
|
||||
{
|
||||
s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
|
||||
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i;
|
||||
}
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_FW_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_MONITOR, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_MONITOR, security_result[2].config_id);
|
||||
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
|
||||
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id);
|
||||
EXPECT_NE(nullptr, hited_s_chaining);
|
||||
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid);
|
||||
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num);
|
||||
for(int i=0; i<hited_s_chaining->result_num; i++)
|
||||
{
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action);
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id);
|
||||
}
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_ALL_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_MONITOR, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_MONITOR, security_result[2].config_id);
|
||||
|
||||
// Set Intercept
|
||||
set_security_result_to_project((struct streaminfo *)&a_stream, &security_result[1], 1, PULL_KNI_RESULT, 0);
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_FW_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(0, ret);
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_KNI_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].config_id);
|
||||
// second
|
||||
for(int i=0; i<MAX_RESULT_NUM/2; i++)
|
||||
{
|
||||
s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
|
||||
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i;
|
||||
}
|
||||
|
||||
ret=tsg_pull_policy_result((struct streaminfo *)&a_stream, PULL_ALL_RESULT, &(security_result[2]), 1, &identify_info);
|
||||
EXPECT_EQ(1, ret);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, security_result[2].config_id);
|
||||
tsg_notify_hited_s_chaining_result(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 1);
|
||||
hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id);
|
||||
EXPECT_NE(nullptr, hited_s_chaining);
|
||||
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid);
|
||||
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num);
|
||||
for(int i=0; i<hited_s_chaining->result_num; i++)
|
||||
{
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action);
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id);
|
||||
}
|
||||
|
||||
struct policy_priority_label *priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id);
|
||||
EXPECT_NE(nullptr, priority_label);
|
||||
EXPECT_EQ(1, priority_label->security_result_num);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, priority_label->security_result[0].action);
|
||||
EXPECT_EQ(TSG_ACTION_INTERCEPT, priority_label->security_result[0].config_id);
|
||||
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining);
|
||||
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL);
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id));
|
||||
}
|
||||
|
||||
free_policy_label(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, (void *)priority_label);
|
||||
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, NULL);
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id));
|
||||
TEST(TSGMaster, ServiceChainingPolicyMultipleNotify)
|
||||
{
|
||||
const struct streaminfo a_stream={0};
|
||||
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0};
|
||||
|
||||
// first
|
||||
for(int i=0; i<MAX_RESULT_NUM/2; i++)
|
||||
{
|
||||
s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
|
||||
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i;
|
||||
}
|
||||
|
||||
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
|
||||
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id);
|
||||
EXPECT_NE(nullptr, hited_s_chaining);
|
||||
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid);
|
||||
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num);
|
||||
for(int i=0; i<hited_s_chaining->result_num; i++)
|
||||
{
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action);
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id);
|
||||
}
|
||||
|
||||
// second
|
||||
for(int i=MAX_RESULT_NUM/2; i<MAX_RESULT_NUM; i++)
|
||||
{
|
||||
s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
|
||||
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i;
|
||||
}
|
||||
|
||||
tsg_notify_hited_s_chaining_result(&a_stream, &(s_chaining_result[MAX_RESULT_NUM/2]), MAX_RESULT_NUM/2, 1);
|
||||
hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id);
|
||||
EXPECT_NE(nullptr, hited_s_chaining);
|
||||
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid);
|
||||
EXPECT_EQ(MAX_RESULT_NUM, hited_s_chaining->result_num);
|
||||
for(int i=0; i<hited_s_chaining->result_num; i++)
|
||||
{
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action);
|
||||
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id);
|
||||
}
|
||||
|
||||
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining);
|
||||
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL);
|
||||
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id));
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
|
||||
@@ -4,19 +4,107 @@
|
||||
|
||||
#include "tsg_entry.h"
|
||||
#include "gtest_common.h"
|
||||
#include "tsg_variable.h"
|
||||
#include <MESA/MESA_prof_load.h>
|
||||
#include <MESA/MESA_handle_logger.h>
|
||||
|
||||
#include <gtest/gtest.h>
|
||||
|
||||
TEST(MasterTest, SetVlan)
|
||||
int init_fs2_handle(const char *conffile)
|
||||
{
|
||||
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
|
||||
//EXPECT_EQ(1, ret);
|
||||
int value=0,cycle=0;
|
||||
int output_prometheus=0;
|
||||
unsigned short fs_server_port=0;
|
||||
char app_name[128]={0};
|
||||
char fs_server_ip[MAX_IPV4_LEN]={0};
|
||||
char fs_output_path[128]={0};
|
||||
|
||||
MESA_load_profile_int_def(conffile, "FIELD_STAT", "CYCLE", &cycle, 30);
|
||||
MESA_load_profile_short_nodef(conffile, "FIELD_STAT","TELEGRAF_PORT", (short *)&(fs_server_port));
|
||||
MESA_load_profile_string_nodef(conffile,"FIELD_STAT","TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
|
||||
MESA_load_profile_string_def(conffile,"FIELD_STAT","OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "tsg_stat.log");
|
||||
MESA_load_profile_string_def(conffile,"FIELD_STAT","APP_NAME", app_name, sizeof(app_name), "tsg_master");
|
||||
MESA_load_profile_int_def(conffile, "FIELD_STAT", "PROMETHEUS", &output_prometheus, 1);
|
||||
|
||||
g_tsg_para.fs2_handle=FS_create_handle();
|
||||
|
||||
value=1;//Rewrite
|
||||
FS_set_para(g_tsg_para.fs2_handle, PRINT_MODE, &value, sizeof(value));
|
||||
value=1;//Do not create stat thread
|
||||
FS_set_para(g_tsg_para.fs2_handle, CREATE_THREAD, &value, sizeof(value));
|
||||
|
||||
FS_set_para(g_tsg_para.fs2_handle, STAT_CYCLE, &cycle, sizeof(cycle));
|
||||
FS_set_para(g_tsg_para.fs2_handle, APP_NAME, app_name, strlen(app_name)+1);
|
||||
FS_set_para(g_tsg_para.fs2_handle, OUTPUT_DEVICE, fs_output_path, strlen(fs_output_path)+1);
|
||||
|
||||
value=1;
|
||||
FS_set_para(g_tsg_para.fs2_handle, OUTPUT_PROMETHEUS, &output_prometheus, sizeof(output_prometheus));
|
||||
|
||||
if(fs_server_port > 0 && strlen(fs_server_ip) > 0)
|
||||
{
|
||||
FS_set_para(g_tsg_para.fs2_handle, STATS_SERVER_IP,fs_server_ip, strlen(fs_server_ip)+1);
|
||||
FS_set_para(g_tsg_para.fs2_handle, STATS_SERVER_PORT,&(fs_server_port), sizeof(fs_server_port));
|
||||
}
|
||||
|
||||
value=FS_OUTPUT_INFLUX_LINE;
|
||||
FS_set_para(g_tsg_para.fs2_handle, STATS_FORMAT, &value, sizeof(value));
|
||||
|
||||
for(int i=0; i<TSG_FS2_MAX; i++)
|
||||
{
|
||||
g_tsg_para.fs2_field_id[i]=FS_register(g_tsg_para.fs2_handle, FS_STYLE_FIELD, FS_CALC_SPEED, g_tsg_fs2_field[i].name);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
extern int tsg_rule_init(const char *conffile, void *logger);
|
||||
extern void security_compile_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp);
|
||||
extern void security_compile_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp);
|
||||
|
||||
TEST(TSGMaster, SecurityDenyPolicyRatelimitSetExData)
|
||||
{
|
||||
struct compile_user_region *user_region=NULL;
|
||||
const struct Maat_rule_t rule={2, 0, 1, 0, 16, 0, 0, {0}};
|
||||
const char * srv_def_large="{\"method\":\"rate_limit\",\"bps\":1024,\"packet_capture\":{\"enable\":1,\"capture_depth\":2000}}";
|
||||
|
||||
security_compile_new(0, &rule, srv_def_large, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL);
|
||||
EXPECT_NE(nullptr, user_region);
|
||||
EXPECT_EQ(1, user_region->ref_cnt);
|
||||
EXPECT_EQ(TSG_METHOD_TYPE_RATE_LIMIT, user_region->method_type);
|
||||
|
||||
EXPECT_NE(nullptr, user_region->deny);
|
||||
EXPECT_EQ(TSG_DENY_TYPE_MAX, user_region->deny->type);
|
||||
EXPECT_EQ(1024, user_region->deny->bps);
|
||||
|
||||
EXPECT_EQ(1, user_region->capture.enabled);
|
||||
EXPECT_EQ(2000, user_region->capture.depth);
|
||||
|
||||
|
||||
security_compile_free(0, &rule, srv_def_large, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL);
|
||||
EXPECT_EQ(nullptr, user_region);
|
||||
}
|
||||
|
||||
TEST(TSGMaster, SecurityDenyPolicyGetRatelimitExData)
|
||||
{
|
||||
struct Maat_rule_t rule={2, 0, 1, 0, 16, 0, 0, {0}};
|
||||
struct compile_user_region *user_region=(struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, &rule, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]);
|
||||
EXPECT_NE(nullptr, user_region);
|
||||
|
||||
EXPECT_EQ(2, user_region->ref_cnt);
|
||||
EXPECT_EQ(TSG_METHOD_TYPE_RATE_LIMIT, user_region->method_type);
|
||||
|
||||
EXPECT_NE(nullptr, user_region->deny);
|
||||
EXPECT_EQ(TSG_DENY_TYPE_MAX, user_region->deny->type);
|
||||
EXPECT_EQ(1024, user_region->deny->bps);
|
||||
|
||||
EXPECT_EQ(1, user_region->capture.enabled);
|
||||
EXPECT_EQ(2000, user_region->capture.depth);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
{
|
||||
init_fs2_handle(tsg_conffile);
|
||||
tsg_rule_init(tsg_conffile, g_tsg_para.logger);
|
||||
testing::InitGoogleTest(&argc, argv);
|
||||
return RUN_ALL_TESTS();
|
||||
}
|
||||
|
||||
|
||||
186
test/src/gtest_session_state.cpp
Normal file
186
test/src/gtest_session_state.cpp
Normal file
@@ -0,0 +1,186 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include <gtest/gtest.h>
|
||||
#include <MESA/cJSON.h>
|
||||
#include "tsg_sync_state.h"
|
||||
|
||||
extern int get_ctrl_pkt(char *buf, int len);
|
||||
|
||||
struct parse_handle test_handle;
|
||||
|
||||
unsigned long long tsg_get_stream_id(struct streaminfo * a_stream)
|
||||
{
|
||||
return 10;
|
||||
}
|
||||
|
||||
int set_exec_profile_ids( struct streaminfo *a_stream, struct parse_handle *p)
|
||||
{
|
||||
memcpy(&test_handle, p, sizeof(struct parse_handle));
|
||||
return 0;
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, IllegalPara)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
struct update_policy policy_array[2];
|
||||
memset(policy_array, 0, sizeof(struct update_policy) * 2);
|
||||
|
||||
EXPECT_EQ(-1, tsg_send_session_state(NULL, 0));
|
||||
a_stream.opstate = OP_STATE_DATA;
|
||||
EXPECT_EQ(-1, tsg_send_session_state(&a_stream, OP_STATE_DATA));
|
||||
|
||||
EXPECT_EQ(-1, tsg_sync_resetall_state(NULL));
|
||||
EXPECT_EQ(0, tsg_sync_resetall_state(&a_stream));
|
||||
|
||||
EXPECT_EQ(-1, tsg_sync_policy_update(&a_stream, policy_array, 0));
|
||||
EXPECT_EQ(-1, tsg_sync_policy_update(&a_stream, NULL, 2));
|
||||
EXPECT_EQ(-1, tsg_sync_policy_update(NULL, policy_array, 2));
|
||||
policy_array[0].type = POLICY_UPDATE_MAX;
|
||||
EXPECT_EQ(-1, tsg_sync_policy_update(&a_stream, policy_array, 2));
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, OpeningState)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
a_stream.opstate = OP_STATE_PENDING;
|
||||
EXPECT_EQ(0, tsg_send_session_state(&a_stream, OP_STATE_PENDING));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"opening\",\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, CloseState)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
a_stream.opstate = OP_STATE_CLOSE;
|
||||
EXPECT_EQ(0, tsg_send_session_state(&a_stream, OP_STATE_CLOSE));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"closing\",\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, ResetAllState)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
EXPECT_EQ(0, tsg_sync_resetall_state(&a_stream));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"resetall\",\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, ActiveStateOnlyServiceChaining)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
struct update_policy policy_array;
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
memset(&policy_array, 0, sizeof(struct update_policy));
|
||||
EXPECT_EQ(0, tsg_sync_policy_update(&a_stream, &policy_array, 1));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"active\",\"method\":\"policy_update\",\"params\":{\"service_chaining\":[]},\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, ActiveStateOnlyShaping)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
struct update_policy policy_array;
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
memset(&policy_array, 0, sizeof(struct update_policy));
|
||||
policy_array.type = POLICY_UPDATE_SHAPING;
|
||||
EXPECT_EQ(0, tsg_sync_policy_update(&a_stream, &policy_array, 1));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"active\",\"method\":\"policy_update\",\"params\":{\"shaping\":[]},\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping0)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
struct update_policy policy_array[2];
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
memset(&policy_array, 0, sizeof(struct update_policy) * 2);
|
||||
policy_array[0].type = POLICY_UPDATE_SHAPING;
|
||||
EXPECT_EQ(0, tsg_sync_policy_update(&a_stream, policy_array, 2));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"active\",\"method\":\"policy_update\",\"params\":{\"shaping\":[],\"service_chaining\":[]},\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping1)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
struct update_policy policy_array[2];
|
||||
char ctrl_pkt_buf[1024];
|
||||
int ctrl_pkt_len = 0;
|
||||
memset(&policy_array, 0, sizeof(struct update_policy) * 2);
|
||||
policy_array[0].type = POLICY_UPDATE_SHAPING;
|
||||
policy_array[0].id_num = 3;
|
||||
policy_array[0].ids[0] = 1;
|
||||
policy_array[0].ids[1] = 2;
|
||||
policy_array[0].ids[2] = 3;
|
||||
policy_array[1].id_num = 3;
|
||||
policy_array[1].ids[0] = 4;
|
||||
policy_array[1].ids[1] = 5;
|
||||
policy_array[1].ids[2] = 6;
|
||||
EXPECT_EQ(0, tsg_sync_policy_update(&a_stream, policy_array, 2));
|
||||
|
||||
ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, 1024);
|
||||
EXPECT_EQ(ctrl_pkt_len, strlen(ctrl_pkt_buf)+1);
|
||||
EXPECT_STREQ("{\"state\":\"active\",\"method\":\"policy_update\",\"params\":{\"shaping\":[1,2,3],\"service_chaining\":[4,5,6]},\"session_id\":\"10\",\"tsync\":\"1.0\"}", ctrl_pkt_buf);
|
||||
}
|
||||
|
||||
TEST(RECEIVE, IllegalPara)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
const char *payload = "{\"tsync\":\"1.0\",\"session_id\":\"123456789\",\"state\":\"active\",\"method\":\"log_update\",\"params\":{\"sf_profile_ids\":}}";
|
||||
const char *payload_ = "{\"tsync\":\"1.0\",\"session_id\":\"123456789\",\"state\":\"active\",\"method\":\"log_update\",\"params\":{\"sf_profile_ids\":[2,3,4,5,6,7]}}";
|
||||
|
||||
EXPECT_EQ(-1, tsg_recv_control_pkt(&a_stream, payload, strlen(payload)));
|
||||
EXPECT_EQ(-1, tsg_recv_control_pkt(&a_stream, NULL, strlen(payload)));
|
||||
EXPECT_EQ(-1, tsg_recv_control_pkt(&a_stream, payload, 0));
|
||||
EXPECT_EQ(-1, tsg_recv_control_pkt(NULL, payload_, strlen(payload_)));
|
||||
EXPECT_EQ(0, tsg_recv_control_pkt(&a_stream, payload_, strlen(payload_)));
|
||||
}
|
||||
|
||||
#if 0
|
||||
TEST(RECEIVE, JsonParse)
|
||||
{
|
||||
struct streaminfo a_stream = {0};
|
||||
const char *payload_ = "{\"tsync\":\"1.0\",\"session_id\":\"123456789\",\"state\":\"active\",\"method\":\"log_update\",\"params\":{\"sf_profile_ids\":[2,3,4,5,6,7]}}";
|
||||
|
||||
EXPECT_EQ(0, tsg_recv_control_pkt(&a_stream, payload_, strlen(payload_)));
|
||||
|
||||
EXPECT_STREQ("1.0", test_handle.tsync);
|
||||
EXPECT_EQ(123456789, test_handle.session_id);
|
||||
EXPECT_STREQ("log_update", test_handle.method);
|
||||
EXPECT_STREQ("active", test_handle.state);
|
||||
EXPECT_EQ(6, test_handle.sf_ids.id_num);
|
||||
for (int i = 0; i < 6; i++)
|
||||
{
|
||||
EXPECT_EQ(i+2, test_handle.sf_ids.ids[i]);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
testing::InitGoogleTest(&argc, argv);
|
||||
return RUN_ALL_TESTS();
|
||||
}
|
||||
Reference in New Issue
Block a user